/*
Unix SMB/CIFS Implementation.
LDAP protocol helper functions for SAMBA
Copyright (C) Volker Lendecke 2004
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see .
*/
#ifndef _LIBCLI_LDAP_MESSAGE_H_
#define _LIBCLI_LDAP_MESSAGE_H_
#include "../libcli/ldap/ldap_errors.h"
#if _SAMBA_BUILD_ == 3
#include "lib/ldb_compat.h"
#else
#include
#endif
enum ldap_request_tag {
LDAP_TAG_BindRequest = 0,
LDAP_TAG_BindResponse = 1,
LDAP_TAG_UnbindRequest = 2,
LDAP_TAG_SearchRequest = 3,
LDAP_TAG_SearchResultEntry = 4,
LDAP_TAG_SearchResultDone = 5,
LDAP_TAG_ModifyRequest = 6,
LDAP_TAG_ModifyResponse = 7,
LDAP_TAG_AddRequest = 8,
LDAP_TAG_AddResponse = 9,
LDAP_TAG_DelRequest = 10,
LDAP_TAG_DelResponse = 11,
LDAP_TAG_ModifyDNRequest = 12,
LDAP_TAG_ModifyDNResponse = 13,
LDAP_TAG_CompareRequest = 14,
LDAP_TAG_CompareResponse = 15,
LDAP_TAG_AbandonRequest = 16,
LDAP_TAG_SearchResultReference = 19,
LDAP_TAG_ExtendedRequest = 23,
LDAP_TAG_ExtendedResponse = 24
};
enum ldap_auth_mechanism {
LDAP_AUTH_MECH_SIMPLE = 0,
LDAP_AUTH_MECH_SASL = 3
};
struct ldap_Result {
int resultcode;
const char *dn;
const char *errormessage;
const char *referral;
};
struct ldap_BindRequest {
int version;
const char *dn;
enum ldap_auth_mechanism mechanism;
union {
const char *password;
struct {
const char *mechanism;
DATA_BLOB *secblob;/* optional */
} SASL;
} creds;
};
struct ldap_BindResponse {
struct ldap_Result response;
union {
DATA_BLOB *secblob;/* optional */
} SASL;
};
struct ldap_UnbindRequest {
uint8_t __dummy;
};
enum ldap_scope {
LDAP_SEARCH_SCOPE_BASE = 0,
LDAP_SEARCH_SCOPE_SINGLE = 1,
LDAP_SEARCH_SCOPE_SUB = 2
};
enum ldap_deref {
LDAP_DEREFERENCE_NEVER = 0,
LDAP_DEREFERENCE_IN_SEARCHING = 1,
LDAP_DEREFERENCE_FINDING_BASE = 2,
LDAP_DEREFERENCE_ALWAYS
};
struct ldap_SearchRequest {
const char *basedn;
enum ldap_scope scope;
enum ldap_deref deref;
uint32_t timelimit;
uint32_t sizelimit;
bool attributesonly;
struct ldb_parse_tree *tree;
int num_attributes;
const char * const *attributes;
};
struct ldap_SearchResEntry {
const char *dn;
int num_attributes;
struct ldb_message_element *attributes;
};
struct ldap_SearchResRef {
const char *referral;
};
enum ldap_modify_type {
LDAP_MODIFY_NONE = -1,
LDAP_MODIFY_ADD = 0,
LDAP_MODIFY_DELETE = 1,
LDAP_MODIFY_REPLACE = 2
};
struct ldap_mod {
enum ldap_modify_type type;
struct ldb_message_element attrib;
};
struct ldap_ModifyRequest {
const char *dn;
int num_mods;
struct ldap_mod *mods;
};
struct ldap_AddRequest {
const char *dn;
int num_attributes;
struct ldb_message_element *attributes;
};
struct ldap_DelRequest {
const char *dn;
};
struct ldap_ModifyDNRequest {
const char *dn;
const char *newrdn;
bool deleteolddn;
const char *newsuperior;/* optional */
};
struct ldap_CompareRequest {
const char *dn;
const char *attribute;
DATA_BLOB value;
};
struct ldap_AbandonRequest {
int messageid;
};
struct ldap_ExtendedRequest {
const char *oid;
DATA_BLOB *value;/* optional */
};
struct ldap_ExtendedResponse {
struct ldap_Result response;
const char *oid;/* optional */
DATA_BLOB *value;/* optional */
};
union ldap_Request {
struct ldap_Result GeneralResult;
struct ldap_BindRequest BindRequest;
struct ldap_BindResponse BindResponse;
struct ldap_UnbindRequest UnbindRequest;
struct ldap_SearchRequest SearchRequest;
struct ldap_SearchResEntry SearchResultEntry;
struct ldap_Result SearchResultDone;
struct ldap_SearchResRef SearchResultReference;
struct ldap_ModifyRequest ModifyRequest;
struct ldap_Result ModifyResponse;
struct ldap_AddRequest AddRequest;
struct ldap_Result AddResponse;
struct ldap_DelRequest DelRequest;
struct ldap_Result DelResponse;
struct ldap_ModifyDNRequest ModifyDNRequest;
struct ldap_Result ModifyDNResponse;
struct ldap_CompareRequest CompareRequest;
struct ldap_Result CompareResponse;
struct ldap_AbandonRequest AbandonRequest;
struct ldap_ExtendedRequest ExtendedRequest;
struct ldap_ExtendedResponse ExtendedResponse;
};
struct ldap_message {
int messageid;
enum ldap_request_tag type;
union ldap_Request r;
struct ldb_control **controls;
bool *controls_decoded;
};
struct ldap_control_handler {
const char *oid;
bool (*decode)(void *mem_ctx, DATA_BLOB in, void *_out);
bool (*encode)(void *mem_ctx, void *in, DATA_BLOB *out);
};
struct asn1_data;
struct ldap_message *new_ldap_message(TALLOC_CTX *mem_ctx);
NTSTATUS ldap_decode(struct asn1_data *data,
const struct ldap_control_handler *control_handlers,
struct ldap_message *msg);
bool ldap_encode(struct ldap_message *msg,
const struct ldap_control_handler *control_handlers,
DATA_BLOB *result, TALLOC_CTX *mem_ctx);
NTSTATUS ldap_full_packet(void *private_data, DATA_BLOB blob, size_t *packet_size);
bool asn1_read_OctetString_talloc(TALLOC_CTX *mem_ctx,
struct asn1_data *data,
const char **result);
void ldap_decode_attribs_bare(TALLOC_CTX *mem_ctx, struct asn1_data *data,
struct ldb_message_element **attributes,
int *num_attributes);
#endif